rpm package

opensuse/containerd&distro=openSUSE Leap Micro 5.5

pkg:rpm/opensuse/containerd&distro=openSUSE%20Leap%20Micro%205.5

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-47108	—	< 1.7.21-150000.117.1	1.7.21-150000.117.1	Nov 10, 2023	OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality.
CVE-2023-45142	—	< 1.7.21-150000.117.1	1.7.21-150000.117.1	Oct 12, 2023	OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests
CVE-2022-1996	—	< 1.7.21-150000.117.1	1.7.21-150000.117.1	Jun 6, 2022	Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.

CVE-2023-47108Nov 10, 2023
affected < 1.7.21-150000.117.1fixed 1.7.21-150000.117.1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality.
CVE-2023-45142Oct 12, 2023
affected < 1.7.21-150000.117.1fixed 1.7.21-150000.117.1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests
CVE-2022-1996Jun 6, 2022
affected < 1.7.21-150000.117.1fixed 1.7.21-150000.117.1
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.